Installation guide
VCM User Interface System
9
VCM User Interface System
The VCM Web Console runs in Internet Explorer and connects to the VCM Web application served by
IIS.
Because VCM users also browse the Internet using Internet Explorer, VCM requires security measures to
protect users of the VCM browser interface from spoofing and cross-site scripting attacks.
Using VCM to Manage the UI System
After you install VCM, your first course of action should be to manage user interface systems in VCM and
subject them to assessment. Run the following VCM compliance template against your user interface zone
systems to detect and identify some of the security setting and configuration issues that you need to
address, including VCM logins from unmanaged machines.
VCM Client Best Practices
NOTE If you have VCM installed and are preparing to set up a UI system, running the template can help
you preharden the candidate system.
The rest of this chapter briefly explains the user interface zone security hardening steps to pursue, either
manually or, if possible, through compliance rules.
User Interface Systems Machine Group
Placing all VCM user interface systems into a dedicated user interface machine group allows the VCM
administrator to separate the management of those systems and test the separation using compliance
rules. In addition, having the group allows the VCM administrator to prevent non-VCM administrators
from controlling user interface machines in the group. Except for VCM administrators, VCM users must
not manage the user interface systems of other VCM users.
VMware, Inc.
39